Thread Previous • Date Previous • Date Next • Thread Next |
W dniu 19.08.2014 o 16:32, Daniel Holm pisze:
Since I don't really know that that means anyways I'm inclined to ask what the issue with http(s) auth would be; that we would have to store username and password instead of a key?
Yes, and not having control over what has access to (what) in your account. Basically until you change your password, the account service has full access to your ownCloud.
With OAuth and similar, there's a unique key identifying the app/system that you granted access for, that you can always look through and revoke, sometimes even change access levels per "client". If the authentication happens through a website, the "asking" party never even gets to know your password.
-- Sq
Thread Previous • Date Previous • Date Next • Thread Next |